[SUSE-SU-2021:2027-1] Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-24_64 fixes several issues.
The following issues were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484).
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111).
- CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges (bnc#1186060).
- Fixed a data loss/data corruption that occurs if there is a write error on an md/raid array (bsc#1185680).
- ID
- SUSE-SU-2021:2027-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2021/suse-su-20212027-1/
- Published
-
2021-06-18T09:40:50
(3 years ago) - Modified
-
2021-06-18T09:40:50
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2021-1516
- ALAS2-2021-1675
- ALAS2-2021-1685
- ALSA-2021:2570
- ALSA-2021:4356
- ELSA-2021-2570
- ELSA-2021-2725
- ELSA-2021-4356
- ELSA-2021-9346
- ELSA-2021-9349
- ELSA-2021-9351
- ELSA-2021-9362
- ELSA-2021-9363
- ELSA-2021-9404
- ELSA-2021-9406
- ELSA-2021-9452
- ELSA-2021-9453
- FEDORA-2021-05152dbcf5
- FEDORA-2021-0b35886add
- FEDORA-2021-286375de1e
- FEDORA-2021-646098b5b8
- FEDORA-2021-bae582b42c
- MS:CVE-2021-23134
- MS:CVE-2021-33034
- MS:CVE-2021-33200
- openSUSE-SU-2021:0843-1
- openSUSE-SU-2021:0947-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- openSUSE-SU-2021:2427-1
- RHSA-2021:2563
- RHSA-2021:2570
- RHSA-2021:2599
- RHSA-2021:2725
- RHSA-2021:2726
- RHSA-2021:2727
- RHSA-2021:4140
- RHSA-2021:4356
- RLSA-2021:2570
- SSA:2021-202-01
- SUSE-SU-2021:1887-1
- SUSE-SU-2021:1888-1
- SUSE-SU-2021:1889-1
- SUSE-SU-2021:1890-1
- SUSE-SU-2021:1891-1
- SUSE-SU-2021:1899-1
- SUSE-SU-2021:1912-1
- SUSE-SU-2021:1913-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2021:2020-1
- SUSE-SU-2021:2025-1
- SUSE-SU-2021:2026-1
- SUSE-SU-2021:2042-1
- SUSE-SU-2021:2057-1
- SUSE-SU-2021:2060-1
- SUSE-SU-2021:2067-1
- SUSE-SU-2021:2198-1
- SUSE-SU-2021:2208-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2021:2577-1
- SUSE-SU-2022:0234-1
- SUSE-SU-2022:0243-1
- SUSE-SU-2022:0255-1
- SUSE-SU-2022:0263-1
- SUSE-SU-2022:0291-1
- SUSE-SU-2022:0293-1
- SUSE-SU-2022:0296-1
- SUSE-SU-2022:0325-1
- SUSE-SU-2022:0327-1
- SUSE-SU-2024:0925-1
- SUSE-SU-2024:0975-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1648-1
- SUSE-SU-2024:1870-1
- USN-4983-1
- USN-4997-1
- USN-4997-2
- USN-4999-1
- USN-5000-1
- USN-5000-2
- USN-5001-1
- USN-5016-1
- USN-5018-1
- USN-5299-1
- USN-5343-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2027-1.json | |
Suse | URL for SUSE-SU-2021:2027-1 | https://www.suse.com/support/update/announcement/2021/suse-su-20212027-1/ | |
Suse | E-Mail link for SUSE-SU-2021:2027-1 | https://lists.suse.com/pipermail/sle-security-updates/2021-June/009046.html | |
Bugzilla | SUSE Bug 1185847 | https://bugzilla.suse.com/1185847 | |
Bugzilla | SUSE Bug 1186061 | https://bugzilla.suse.com/1186061 | |
Bugzilla | SUSE Bug 1186285 | https://bugzilla.suse.com/1186285 | |
Bugzilla | SUSE Bug 1186498 | https://bugzilla.suse.com/1186498 | |
CVE | SUSE CVE CVE-2021-23134 page | https://www.suse.com/security/cve/CVE-2021-23134/ | |
CVE | SUSE CVE CVE-2021-33034 page | https://www.suse.com/security/cve/CVE-2021-33034/ | |
CVE | SUSE CVE CVE-2021-33200 page | https://www.suse.com/security/cve/CVE-2021-33200/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |